{"id":48716736,"url":"https://github.com/envoy1084/fhe-dksap","last_synced_at":"2026-04-11T17:30:08.719Z","repository":{"id":303202099,"uuid":"1014287189","full_name":"envoy1084/fhe-dksap","owner":"envoy1084","description":"A Rust implementation of the FHE-DKSAP","archived":false,"fork":false,"pushed_at":"2025-07-06T23:42:11.000Z","size":36,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-01-14T11:38:22.533Z","etag":null,"topics":["dksap","ethereum","fhevm","protocol","stealth-addresses"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/envoy1084.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-07-05T12:17:59.000Z","updated_at":"2025-07-06T23:42:14.000Z","dependencies_parsed_at":"2025-07-06T10:32:30.336Z","dependency_job_id":"b3477c47-b69c-4a99-9081-7ebfc3b8e17c","html_url":"https://github.com/envoy1084/fhe-dksap","commit_stats":null,"previous_names":["envoy-vc/fhe-dksap","envoy1084/fhe-dksap"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/envoy1084/fhe-dksap","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/envoy1084%2Ffhe-dksap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/envoy1084%2Ffhe-dksap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/envoy1084%2Ffhe-dksap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/envoy1084%2Ffhe-dksap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/envoy1084","download_url":"https://codeload.github.com/envoy1084/fhe-dksap/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/envoy1084%2Ffhe-dksap/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31689751,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-11T13:07:20.380Z","status":"ssl_error","status_checked_at":"2026-04-11T13:06:47.903Z","response_time":54,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dksap","ethereum","fhevm","protocol","stealth-addresses"],"created_at":"2026-04-11T17:30:07.925Z","updated_at":"2026-04-11T17:30:08.711Z","avatar_url":"https://github.com/envoy1084.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# FHE-DKSAP: Fully Homomorphic Encryption based Dual Key Stealth Address Protocol\n\n[![Rust](https://img.shields.io/badge/rust-1.81+-blue.svg)](https://www.rust-lang.org)\n[![License](https://img.shields.io/badge/license-MIT-green.svg)](LICENSE)\n\nA Rust implementation of the FHE-DKSAP (Fully Homomorphic Encryption based Dual Key Stealth Address Protocol) for enhanced privacy in blockchain transactions.\n\n## ⚠️ Security Notice\n\n**This implementation is for research and educational purposes only. It has not been audited and is not intended for production use. Use at your own risk.**\n\n## Introduction\n\nFHE-DKSAP is an advanced stealth address protocol that leverages Fully Homomorphic Encryption (FHE) to provide enhanced privacy protection for blockchain transactions. This protocol addresses the limitations of traditional Dual-Key Stealth Address Protocols (DKSAP) by:\n\n- **Quantum Resistance**: Built on lattice-based cryptography, providing protection against quantum computing attacks\n- **Enhanced Privacy**: Computations are performed over encrypted data, preventing key leakage attacks\n- **Outsourced Computation**: Enables third-party verification without revealing private keys\n\nThis implementation is based on the research presented in the [Ethereum Research Forum](https://ethresear.ch/t/fhe-dksap-fully-homomorphic-encryption-based-dual-key-stealth-address-protocol/16213).\n\n## How It Works\n\n### Protocol Overview\n\nFHE-DKSAP is an advanced stealth address protocol that builds upon DKSAP and BasedSAP with significant privacy and security improvements. The protocol operates through three main phases:\n\n#### Phase 1: Bob's Setup (Receiver)\n\nBob creates two key pairs for enhanced privacy and security:\n\n1. **Ethereum Wallet Key Pair** `(sk₂, PK₂)`:\n   - `sk₂` is a randomly generated Ethereum wallet private key for stealth address spending\n   - This key does not need to be registered on Ethereum before use and is separate from Bob's main wallet\n   - `PK₂` is the corresponding public key generated using standard Ethereum address conversion\n\n2. **FHE Key Pair** `(sk_b, PK_b)`:\n   - `sk_b` is Bob's FHE private key for encryption and decryption operations\n   - `PK_b` is used to encrypt `sk₂` into ciphertext `C₂`\n   - Due to FHE's quantum resistance, it's safe to encrypt the private key\n\n3. **Public Sharing**: Bob publicly shares `PK₂`, `PK_b`, and the encrypted `C₂`\n\n#### Phase 2: Alice's Transaction (Sender)\n\nAlice generates a unique ephemeral key pair for each stealth address transaction:\n\n1. **Ephemeral Key Generation**: Alice creates `(sk₁, PK₁)` randomly for each transaction\n   - `sk₁` is an Ethereum ephemeral private key\n   - The corresponding public key/wallet address doesn't need Ethereum registration\n\n2. **Stealth Address Creation**:\n   - Alice combines her ephemeral public key `PK₁` with Bob's public key `PK₂` to obtain `PK_z`\n   - The stealth address is generated from `PK_z` using standard Ethereum address conversion\n\n3. **Encryption and Broadcasting**:\n   - Alice encrypts her ephemeral private key `sk₁` using Bob's FHE public key `PK_b`, creating ciphertext `C₁`\n   - Alice broadcasts `C₁` in an untrackable manner so Bob can retrieve it\n   - **Important**: Alice cannot know the stealth address's private key since private keys cannot be derived from public keys\n\n#### Phase 3: Bob's Recovery\n\nBob recovers the stealth address private key using FHE operations:\n\n1. **Ciphertext Addition**: Bob receives `C₁` and adds the two ciphertexts (`C₁ + C₂`) to obtain `C`\n\n2. **FHE Decryption**: Using the additive homomorphism property of FHE, Bob decrypts `C` with his FHE private key `sk_b`\n   - The decryption result is the stealth address private key `sk_z`\n\n3. **Stealth Address Control**: Bob can now generate the stealth address from `sk_z` and control the wallet\n   - Only Bob possesses the private key `sk_z` to spend from the stealth address\n\n### Key Improvements Over Traditional DKSAP\n\nFHE-DKSAP provides significant enhancements compared to DKSAP and BasedSAP:\n\n- **Enhanced Privacy**: All computations are performed over encrypted data (ciphertext), protecting sensitive information\n- **Key Leakage Prevention**: Eliminates the risk of private key and personal information leakage\n- **Quantum Resistance**: Built on lattice-based FHE cryptography, providing protection against quantum computing attacks\n- **Outsourced Verification**: Enables third-party verification without revealing private keys\n## Protocol Flow\n\n```mermaid\nsequenceDiagram\n    participant Bob as Receiver (Bob)\n    participant Alice as Sender (Alice)\n    participant Chain as Blockchain\n    participant Network as Network\n\n    Note over Bob: Phase 1: Bob's Setup\n    Bob-\u003e\u003eBob: Generate Ethereum wallet key pair (sk₂, PK₂)\n    Bob-\u003e\u003eBob: Generate FHE key pair (sk_b, PK_b)\n    Bob-\u003e\u003eBob: Encrypt sk₂ using PK_b → C₂\n    Bob-\u003e\u003eNetwork: Publish PK₂, PK_b, C₂ publicly\n\n    Note over Alice: Phase 2: Alice's Transaction\n    Alice-\u003e\u003eAlice: Generate ephemeral key pair (sk₁, PK₁)\n    Alice-\u003e\u003eAlice: Combine PK₁ + PK₂ → PK_z\n    Alice-\u003e\u003eAlice: Generate stealth address from PK_z\n    Alice-\u003e\u003eAlice: Encrypt sk₁ using PK_b → C₁\n    Alice-\u003e\u003eChain: Send transaction to stealth address\n    Alice-\u003e\u003eNetwork: Broadcast C₁ (untrackable)\n\n    Note over Bob: Phase 3: Bob's Recovery\n    Bob-\u003e\u003eNetwork: Receive C₁\n    Bob-\u003e\u003eBob: Add ciphertexts: C₁ + C₂ → C\n    Bob-\u003e\u003eBob: Decrypt C using sk_b → sk_z\n    Bob-\u003e\u003eBob: Generate stealth address from sk_z\n    Bob-\u003e\u003eChain: Spend from stealth address using sk_z\n```\n\n## Installation\n\n### Prerequisites\n\n- Rust 1.81 or later\n- Cargo package manager\n\n### Installation Options\n\n\n#### Option 1: From Crates.io\n\nAdd the following to your `Cargo.toml`:\n\n```toml\n[dependencies]\nfhe-dksap = \"0.1.0\"\n```\n\n#### Option 2: From Git Repository (Latest Development)\n\n```bash\n# Clone the repository\ngit clone https://github.com/Envoy-VC/fhe-dksap\ncd fhe-dksap\n\n# Build the project\ncargo build --release\n\n# Run the example\ncargo run --example user_flow\n```\n\n## Usage\n\n### Basic Example\n\nThe main example demonstrates the complete FHE-DKSAP protocol:\n\n```rust\nuse secp256k1::Secp256k1;\nuse tfhe::ConfigBuilder;\nuse fhe_dksap::{\n    generate_ethereum_key_pair, generate_fhe_key_pair, generate_stealth_address,\n    recover_secret_key, encrypt_secret_key\n};\n\nfn main() -\u003e Result\u003c(), Box\u003cdyn std::error::Error\u003e\u003e {\n    println!(\"🚀 Starting FHE-DKSAP Protocol Demonstration\");\n    \n    // Initialize cryptographic contexts\n    let secp = Secp256k1::new();\n    let config = ConfigBuilder::default().build();\n    \n    // Phase 1: Bob (Receiver) Setup\n    println!(\"\\n📋 Phase 1: Bob (Receiver) Setup\");\n    \n    // Generate Ethereum wallet key pair for stealth address spending\n    let receiver_eth_keypair = generate_ethereum_key_pair(\u0026secp)?;\n    \n    // Generate FHE key pair for encryption/decryption\n    let receiver_fhe_keypair = generate_fhe_key_pair(config)?;\n    \n    // Encrypt the receiver's secret key\n    let receiver_enc_secret_key = encrypt_secret_key(\n        receiver_eth_keypair.secret_key,\n        \u0026receiver_fhe_keypair.public_key,\n    );\n    \n    println!(\"✅ Receiver setup completed\");\n    \n    // Phase 2: Alice (Sender) Creates Stealth Address\n    println!(\"\\n📋 Phase 2: Alice (Sender) Creates New Stealth Address\");\n    \n    let stealth_address = generate_stealth_address(\n        \u0026secp,\n        \u0026receiver_eth_keypair.public_key,\n        \u0026receiver_fhe_keypair.public_key,\n    )?;\n    \n    println!(\"✅ Stealth address generated\");\n    println!(\"Stealth Address: {}\", stealth_address.stealth_address);\n    \n    // Phase 3: Bob (Receiver) Recovers Stealth Address\n    println!(\"\\n📋 Phase 3: Bob (Receiver) Recovers Stealth Address Secret Key\");\n    \n    let recovered_keypair = recover_secret_key(\n        \u0026secp,\n        \u0026receiver_fhe_keypair,\n        \u0026receiver_enc_secret_key,\n        \u0026stealth_address.encrypted_secret_key,\n    )?;\n    \n    let phase3_end = phase3_start.elapsed();\n    println!(\"✅ Stealth address private key recovered\");\n    \n    // Verification\n    println!(\"\\n🔍 Verification\");\n    let recovered_address = fhe_dksap::utils::pk_to_eth_address(\u0026recovered_keypair.public_key);\n    let is_valid = stealth_address.stealth_address == recovered_address;\n    \n    if is_valid {\n        println!(\"✅ SUCCESS: Recovered stealth address matches generated address!\");\n    } else {\n        println!(\"❌ ERROR: Address verification failed!\");\n    }\n    \n    Ok(())\n}\n```\n\n### Running Examples\n\nTo run the examples:\n\n```bash\n# Run the main example\ncargo run --example user_flow\n\n# Run with release optimizations (recommended for performance)\ncargo run --release --example user_flow\n```\n\n## Contributing\n\nWe welcome contributions to improve the FHE-DKSAP implementation!\n\n## Acknowledgements\n\n### Research Foundation\n\nThis implementation is based on the groundbreaking research presented in:\n- **[FHE-DKSAP Research Paper](https://ethresear.ch/t/fhe-dksap-fully-homomorphic-encryption-based-dual-key-stealth-address-protocol/16213)** - The original research by Ethereum Fellows\n- **EIP-5564** - Stealth Addresses for Ethereum\n- **BasedSAP** - The foundational stealth address protocol\n\n### Cryptographic Libraries\n\n- **[TFHE-rs](https://github.com/zama-ai/tfhe-rs)** - Fully Homomorphic Encryption library by Zama AI\n- **[secp256k1](https://github.com/bitcoin-core/secp256k1)** - Bitcoin/Ethereum elliptic curve implementation\n- **[sha3](https://github.com/RustCrypto/hashes)** - Keccak-256 hashing implementation\n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n\n**Disclaimer**: This software is provided \"as is\" without warranty of any kind. Use at your own risk and only for research purposes.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fenvoy1084%2Ffhe-dksap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fenvoy1084%2Ffhe-dksap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fenvoy1084%2Ffhe-dksap/lists"}